package com.cx.simpleweb.filter;

import com.cx.simpleweb.config.GateWayRequestMatcher;
import com.cx.simpleweb.dto.UserLogin;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.util.matcher.RequestMatcher;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.beans.beancontext.BeanContextServiceProvider;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.List;

/**
 * @author cxx
 * @create 2021-01-15 9:24
 **/
public class LoginFilter extends AbstractAuthenticationProcessingFilter {


    private GateWayRequestMatcher requiresAuthenticationRequestMatcher;

    private AuthenticationManager authenticationManager;

    private List<String> loginServices;

    private ObjectMapper objectMapper = new ObjectMapper ();

    public LoginFilter(AuthenticationManager authenticationManager,GateWayRequestMatcher requiresAuthenticationRequestMatcher,String... loginService) {
        super (requiresAuthenticationRequestMatcher);
        this.requiresAuthenticationRequestMatcher = requiresAuthenticationRequestMatcher;
        this.authenticationManager = authenticationManager;
        if(loginService == null){
            throw new RuntimeException ("登录服务未命名");
        }
        loginServices = Arrays.asList (loginService);
    }

    @Override
    protected boolean requiresAuthentication(HttpServletRequest request, HttpServletResponse response) {
        return loginServices.contains (requiresAuthenticationRequestMatcher.getService ());
    }

    @Override
    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException, IOException, ServletException {
        UserLogin userLogin = objectMapper.readValue (request.getInputStream (), UserLogin.class);
        return authenticationManager
                .authenticate (new UsernamePasswordAuthenticationToken (userLogin.getUsername (),userLogin.getPassword (),new ArrayList<> (0)));
    }

    @Override
    protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain, Authentication authResult) throws IOException, ServletException {
        Object principal = authResult.getPrincipal ();

        Collection<? extends GrantedAuthority> authorities = authResult.getAuthorities ();
        //验证成功的操作
    }


    @Override
    protected void unsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, AuthenticationException failed) throws IOException, ServletException {
        //验证失败的操作

    }
}
